Content streaming systems and methods are known. In most of these systems, the content provider provides a client application so that they can securely stream content to a device. When the content provider controls the client application, a certificate at the content provider and on the client application can be used to provide secure streaming content to the device. However, if the content provider does not have control of the client application, then certificates cannot be used to provide secure streaming of content. It is desirable to provide a system and method that allow for the secure delivery of content to devices with the content player is not provided by the content provider and it is to this end that the disclosure is directed.